Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari Privacy Bug May Be Leaking Your Data

Posted by timothy on from the problem-with-software-is-that-it-sucks dept.

richi writes "If you use Safari, your browser may be leaking your private information to any website you visit. Jeremiah Grossman, the CTO of WhiteHat Security, has discovered some Very Bad News. I have some analysis and other reactions over at my Computerworld blog. The potential for spam and phishing is huge. A determined attacker might even be able to steal previously-entered customer data." In short, autofill for Web forms is enabled by default in Safari 4 / 5 (and remotely exploitable), and the data that this feature has access to includes the user's local address book — even if the information has never been entered into a Web form.

4 of 152 comments (clear)

  1. Re:So..'many eyes make bugs shallow'? by Anonymous Coward · · Score: -1, Offtopic

    Can someone say "Strawman"?

    Thanks...

  2. proud to be! by Infonaut · · Score: 0, Offtopic
    1. Rainbow apple stickers are no longer "hip" or "in"?
    2. What are you doing after?
    3. You're just jealous. Maybe you'd like a job as my cabana boy. Did I already ask you what you're doing after? I forget. So many drugs, so little time.
    4. Listen, in Paraguay this blend of bat guano, fern leaves, and cave-grown coffee is common. Want a taste? Hey, what are you doing later?
    5. I'm proud to be a fat neckbeard who wears skinny black jeans, Chuck Tailors, ironic t-shirts, and ugly black glasses. You should be so lucky.

    But seriously, what are you doing after?

    --
    Read the EFF's Fair Use FAQ
  3. Th1s Fp for GNAA by Anonymous Coward · · Score: -1, Offtopic

    Argued by Eric clearly. There Hubbard and Mike corporate Are you GAY distribution make an arduous by simple fucking Crrek, abysmal

  4. Re:But not Firefox... by Anonymous Coward · · Score: -1, Offtopic

    Newsflash: Safari isn't the only thing from Cupertino that leaks information. I'm talking about fags' asses leaking DNA in the form of semen.

    Maybe I'm misremembering Owebama's lofty campaign speeches, but weren't we promised that lobbyists would have no place in his administration? So how is it that Google's chief lobbyist would up as ol' Barry Soetoro's WH Deputy Chief Technology Officer?

    http://nlpc.org/cached/white-house-emails-show-more-extensive-improper-contact-google.html?q=stories/2010/07/22/white-house-emails-show-more-extensive-improper-contact-google